netfilter: nf_nat: missing condition in nf_xfrm_me_harder()
authorDan Carpenter <dan.carpenter@oracle.com>
Wed, 24 Apr 2013 05:11:51 +0000 (05:11 +0000)
committerPablo Neira Ayuso <pablo@netfilter.org>
Wed, 24 Apr 2013 23:58:16 +0000 (01:58 +0200)
This if statement was accidentally dropped in (aaa795a netfilter:
nat: propagate errors from xfrm_me_harder()) so now it returns
unconditionally.

Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
net/netfilter/nf_nat_core.c

index 346f871cf096489e5eb63f339435043d8b29b7a2..cf1c731cdc3ec035618e309a63645e334fa8e6e8 100644 (file)
@@ -90,6 +90,7 @@ int nf_xfrm_me_harder(struct sk_buff *skb, unsigned int family)
        int err;
 
        err = xfrm_decode_session(skb, &fl, family);
+       if (err < 0)
                return err;
 
        dst = skb_dst(skb);